Adobe ColdFusion Multiple Vulnerabilities
Release Date:
20 Jul 2023
5271
Views
RISK: High Risk
TYPE: Clients - Productivity Products
Multiple vulnerabilities were identified in Adobe ColdFusion. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.
Note:
CVE-2023-38205 under limited, targeted exploitation.
Impact
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- ColdFusion 2018 - Update 18 and earlier versions
- ColdFusion 2021 - Update 8 and earlier versions
- ColdFusion 2023 - Update 2 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
Source
Related Link
Share with